<?php
session_start();
include "dbconnect.inc.php"; 
  if($_POST){
      $user=$_POST['user'];
      $password=$_POST['password'];
      $sql=mysql_query("select * from kunde where user='$user' and password='$password'");
      $res=mysql_num_rows($sql); 
        if($res>0){
            $rs_login=mysql_fetch_assoc($sql);
            $id=$rs_login['id'];
            $user=$rs_login['user'];
            $_SESSION['login']['id']=$id;
            $_SESSION['login']['user']=$user;
            
            $now = date("Y-m-d H:i:s");            
            $sql=mysql_query("UPDATE kunde SET lastlogin='$now' where id='$id'");
            echo "Erfolgreich";
        } else {
            echo "Benutzername oder Password falsch!";
	   }
   }
?>